This allows you to have a single file that describes a repo.
It also allows a mimetype handle for it so that you can easily
install it via a single click.
We need an actual active installation, not just the base directory.
This caused a failure if the user had tried to install and app but the
installation failed. After that installation failed due to it claiming
to be installed, while uninstall failed due it it *not* being
installed.
This regressed when we moved to bubblewrap. We need to always use
a direct bind for building, because it may not necessarily happen
in a real user session where the session-helper works.
We need to keep all the fd:s needed for bubblewrap alive, so
neuter g_spawn_async:s close of fds and do our own.
Also, we need this so these fds can be closed in the launching app.
This uses various environment variables set during make check
to find the trigger, bwrap and xdg-app-dbusproxy from the build/source dir
rather than the installed location.
This patch adds the --arch option to the build-export builtin command.
Previously build-export derives this from the metadata and then falls back
to xdg_app_get_arch(), except that this does not work when the metadata does
not specify an arch (such as with extensions like .Debug or .Locale).
https://bugs.freedesktop.org/show_bug.cgi?id=95226
Bubblewrap is a new tool from project atomic. Its similar to the old
xdg-app-helper, but even more minimal, and a bit more generic. Its designed
to be easy to git submodule install, but at some point we will probably
support using the system installed version too.
Using bubblewraps lets us share the load of security mainainance and
allows other people to use bubblewrap to do their own unprivileged
sandboxes.
This lets you export and import a runtime or an application into a tarball
that explodes to match the oci runtime spec. This goal of this is to interchange
xdg-app apps with other systems that support OCI.
Note that this is highly experimental, because the oci specs are in flux, and
in fact we should probably use the OCI image spec instead of the runtime spec,
but its not yet finished enough for us to use it. So, don't rely on this for
now other than to experiment with it.
